Firewall rules
List all firewall rules for the specified NIC.
The unique ID of the data center.
The unique ID of the server.
The unique ID of the NIC.
Controls whether the response is pretty-printed (with indentations and new lines).
trueControls the detail depth of the response objects. GET /datacenters/[ID] - depth=0: Only direct properties are included; children (servers and other elements) are not included. - depth=1: Direct properties and children references are included. - depth=2: Direct properties and children properties are included. - depth=3: Direct properties and children properties and children's children are included. - depth=... and so on
0The first element (from the complete list of the elements) to include in the response (used together with limit for pagination).
0The maximum number of elements to return (use together with offset for pagination).
1000Users with multiple contracts must provide the contract number, for which all API requests are to be executed.
GET /cloudapi/v6/datacenters/{datacenterId}/servers/{serverId}/nics/{nicId}/firewallrules HTTP/1.1
Host: api.ionos.com
Authorization: Basic username:password
Accept: */*
{
"id": "15f67991-0f51-4efc-a8ad-ef1fb31a480c",
"type": "collection",
"href": "<RESOURCE-URI>",
"items": [
{
"id": "15f67991-0f51-4efc-a8ad-ef1fb31a480c",
"type": "firewall-rule",
"href": "<RESOURCE-URI>",
"metadata": {
"etag": "45480eb3fbfc31f1d916c1eaa4abdcc3",
"createdDate": "2015-12-04T14:34:09.809Z",
"createdBy": "[email protected]",
"createdByUserId": "[email protected]",
"lastModifiedDate": "2015-12-04T14:34:09.809Z",
"lastModifiedBy": "[email protected]",
"lastModifiedByUserId": "63cef532-26fe-4a64-a4e0-de7c8a506c90",
"state": "AVAILABLE"
},
"properties": {
"name": "My resource",
"protocol": "TCP",
"sourceMac": "00:0a:95:9d:68:16",
"ipVersion": "IPv4",
"sourceIp": "22.231.113.64",
"targetIp": "22.231.113.64",
"icmpCode": 0,
"icmpType": 8,
"portRangeStart": 8,
"portRangeEnd": 8,
"type": "INGRESS"
}
}
],
"offset": 0,
"limit": 1000,
"_links": {
"prev": "<PREVIOUS-PAGE-URI>",
"self": "<THIS-PAGE-URI>",
"next": "<NEXT-PAGE-URI>"
}
}Creates a firewall rule for the specified NIC.
The unique ID of the data center.
The unique ID of the server.
The unique ID of the NIC.
Controls whether the response is pretty-printed (with indentations and new lines).
trueControls the detail depth of the response objects. GET /datacenters/[ID] - depth=0: Only direct properties are included; children (servers and other elements) are not included. - depth=1: Direct properties and children references are included. - depth=2: Direct properties and children properties are included. - depth=3: Direct properties and children properties and children's children are included. - depth=... and so on
0Users with multiple contracts must provide the contract number, for which all API requests are to be executed.
The resource's unique identifier.
15f67991-0f51-4efc-a8ad-ef1fb31a480cThe type of object that has been created.
firewall-ruleURL to the object representation (absolute path).
<RESOURCE-URI>POST /cloudapi/v6/datacenters/{datacenterId}/servers/{serverId}/nics/{nicId}/firewallrules HTTP/1.1
Host: api.ionos.com
Authorization: Basic username:password
Content-Type: application/json
Accept: */*
Content-Length: 275
{
"type": "firewall-rule",
"metadata": {},
"properties": {
"name": "My resource",
"protocol": "TCP",
"sourceMac": "00:0a:95:9d:68:16",
"ipVersion": "IPv4",
"sourceIp": "22.231.113.64",
"targetIp": "22.231.113.64",
"icmpCode": 0,
"icmpType": 8,
"portRangeStart": 8,
"portRangeEnd": 8,
"type": "INGRESS"
}
}{
"id": "15f67991-0f51-4efc-a8ad-ef1fb31a480c",
"type": "firewall-rule",
"href": "<RESOURCE-URI>",
"metadata": {
"etag": "45480eb3fbfc31f1d916c1eaa4abdcc3",
"createdDate": "2015-12-04T14:34:09.809Z",
"createdBy": "[email protected]",
"createdByUserId": "[email protected]",
"lastModifiedDate": "2015-12-04T14:34:09.809Z",
"lastModifiedBy": "[email protected]",
"lastModifiedByUserId": "63cef532-26fe-4a64-a4e0-de7c8a506c90",
"state": "AVAILABLE"
},
"properties": {
"name": "My resource",
"protocol": "TCP",
"sourceMac": "00:0a:95:9d:68:16",
"ipVersion": "IPv4",
"sourceIp": "22.231.113.64",
"targetIp": "22.231.113.64",
"icmpCode": 0,
"icmpType": 8,
"portRangeStart": 8,
"portRangeEnd": 8,
"type": "INGRESS"
}
}Retrieve the properties of the specified firewall rule.
The unique ID of the data center.
The unique ID of the server.
The unique ID of the NIC.
The unique ID of the firewall rule.
Controls whether the response is pretty-printed (with indentations and new lines).
trueControls the detail depth of the response objects. GET /datacenters/[ID] - depth=0: Only direct properties are included; children (servers and other elements) are not included. - depth=1: Direct properties and children references are included. - depth=2: Direct properties and children properties are included. - depth=3: Direct properties and children properties and children's children are included. - depth=... and so on
0Users with multiple contracts must provide the contract number, for which all API requests are to be executed.
GET /cloudapi/v6/datacenters/{datacenterId}/servers/{serverId}/nics/{nicId}/firewallrules/{firewallruleId} HTTP/1.1
Host: api.ionos.com
Authorization: Basic username:password
Accept: */*
{
"id": "15f67991-0f51-4efc-a8ad-ef1fb31a480c",
"type": "firewall-rule",
"href": "<RESOURCE-URI>",
"metadata": {
"etag": "45480eb3fbfc31f1d916c1eaa4abdcc3",
"createdDate": "2015-12-04T14:34:09.809Z",
"createdBy": "[email protected]",
"createdByUserId": "[email protected]",
"lastModifiedDate": "2015-12-04T14:34:09.809Z",
"lastModifiedBy": "[email protected]",
"lastModifiedByUserId": "63cef532-26fe-4a64-a4e0-de7c8a506c90",
"state": "AVAILABLE"
},
"properties": {
"name": "My resource",
"protocol": "TCP",
"sourceMac": "00:0a:95:9d:68:16",
"ipVersion": "IPv4",
"sourceIp": "22.231.113.64",
"targetIp": "22.231.113.64",
"icmpCode": 0,
"icmpType": 8,
"portRangeStart": 8,
"portRangeEnd": 8,
"type": "INGRESS"
}
}Modifies the properties of the specified firewall rule.
The unique ID of the data center.
The unique ID of the server.
The unique ID of the NIC.
The unique ID of the firewall rule.
Controls whether the response is pretty-printed (with indentations and new lines).
trueControls the detail depth of the response objects. GET /datacenters/[ID] - depth=0: Only direct properties are included; children (servers and other elements) are not included. - depth=1: Direct properties and children references are included. - depth=2: Direct properties and children properties are included. - depth=3: Direct properties and children properties and children's children are included. - depth=... and so on
0Users with multiple contracts must provide the contract number, for which all API requests are to be executed.
The resource's unique identifier.
15f67991-0f51-4efc-a8ad-ef1fb31a480cThe type of object that has been created.
firewall-ruleURL to the object representation (absolute path).
<RESOURCE-URI>PUT /cloudapi/v6/datacenters/{datacenterId}/servers/{serverId}/nics/{nicId}/firewallrules/{firewallruleId} HTTP/1.1
Host: api.ionos.com
Authorization: Basic username:password
Content-Type: application/json
Accept: */*
Content-Length: 275
{
"type": "firewall-rule",
"metadata": {},
"properties": {
"name": "My resource",
"protocol": "TCP",
"sourceMac": "00:0a:95:9d:68:16",
"ipVersion": "IPv4",
"sourceIp": "22.231.113.64",
"targetIp": "22.231.113.64",
"icmpCode": 0,
"icmpType": 8,
"portRangeStart": 8,
"portRangeEnd": 8,
"type": "INGRESS"
}
}{
"id": "15f67991-0f51-4efc-a8ad-ef1fb31a480c",
"type": "firewall-rule",
"href": "<RESOURCE-URI>",
"metadata": {
"etag": "45480eb3fbfc31f1d916c1eaa4abdcc3",
"createdDate": "2015-12-04T14:34:09.809Z",
"createdBy": "[email protected]",
"createdByUserId": "[email protected]",
"lastModifiedDate": "2015-12-04T14:34:09.809Z",
"lastModifiedBy": "[email protected]",
"lastModifiedByUserId": "63cef532-26fe-4a64-a4e0-de7c8a506c90",
"state": "AVAILABLE"
},
"properties": {
"name": "My resource",
"protocol": "TCP",
"sourceMac": "00:0a:95:9d:68:16",
"ipVersion": "IPv4",
"sourceIp": "22.231.113.64",
"targetIp": "22.231.113.64",
"icmpCode": 0,
"icmpType": 8,
"portRangeStart": 8,
"portRangeEnd": 8,
"type": "INGRESS"
}
}Delete the specified firewall rule.
The unique ID of the data center.
The unique ID of the server.
The unique ID of the NIC.
The unique ID of the firewall rule.
Controls whether the response is pretty-printed (with indentations and new lines).
trueControls the detail depth of the response objects. GET /datacenters/[ID] - depth=0: Only direct properties are included; children (servers and other elements) are not included. - depth=1: Direct properties and children references are included. - depth=2: Direct properties and children properties are included. - depth=3: Direct properties and children properties and children's children are included. - depth=... and so on
0Users with multiple contracts must provide the contract number, for which all API requests are to be executed.
DELETE /cloudapi/v6/datacenters/{datacenterId}/servers/{serverId}/nics/{nicId}/firewallrules/{firewallruleId} HTTP/1.1
Host: api.ionos.com
Authorization: Basic username:password
Accept: */*
No content
Update the properties of the specified firewall rule.
The unique ID of the data center.
The unique ID of the server.
The unique ID of the NIC.
The unique ID of the firewall rule.
Controls whether the response is pretty-printed (with indentations and new lines).
trueControls the detail depth of the response objects. GET /datacenters/[ID] - depth=0: Only direct properties are included; children (servers and other elements) are not included. - depth=1: Direct properties and children references are included. - depth=2: Direct properties and children properties are included. - depth=3: Direct properties and children properties and children's children are included. - depth=... and so on
0Users with multiple contracts must provide the contract number, for which all API requests are to be executed.
The name of the resource.
My resourceThe protocol for the rule. Property cannot be modified after it is created (disallowed in update requests).
TCPPossible values: Only traffic originating from the respective MAC address is allowed. Valid format: aa:bb:cc:dd:ee:ff. Value null allows traffic from any MAC address.
00:0a:95:9d:68:16The IP version for this rule. If sourceIp or targetIp are specified, you can omit this value - the IP version will then be deduced from the IP address(es) used; if you specify it anyway, it must match the specified IP address(es). If neither sourceIp nor targetIp are specified, this rule allows traffic only for the specified IP version. If neither sourceIp, targetIp nor ipVersion are specified, this rule will only allow IPv4 traffic.
IPv4Possible values: Only traffic originating from the respective IP address (or CIDR block) is allowed. Value null allows traffic from any IP address (according to the selected ipVersion).
22.231.113.64If the target NIC has multiple IP addresses, only the traffic directed to the respective IP address (or CIDR block) of the NIC is allowed. Value null allows traffic to any target IP address (according to the selected ipVersion).
22.231.113.64Defines the allowed code (from 0 to 254) if protocol ICMP or ICMPv6 is chosen. Value null allows all codes.
0Defines the allowed type (from 0 to 254) if the protocol ICMP or ICMPv6 is chosen. Value null allows all types.
8Defines the start range of the allowed port (from 1 to 65535) if protocol TCP or UDP is chosen. Leave portRangeStart and portRangeEnd value null to allow all ports.
8Defines the end range of the allowed port (from 1 to 65535) if the protocol TCP or UDP is chosen. Leave portRangeStart and portRangeEnd null to allow all ports.
8The type of the firewall rule. If not specified, the default INGRESS value is used.
INGRESSPossible values: PATCH /cloudapi/v6/datacenters/{datacenterId}/servers/{serverId}/nics/{nicId}/firewallrules/{firewallruleId} HTTP/1.1
Host: api.ionos.com
Authorization: Basic username:password
Content-Type: application/json
Accept: */*
Content-Length: 223
{
"name": "My resource",
"protocol": "TCP",
"sourceMac": "00:0a:95:9d:68:16",
"ipVersion": "IPv4",
"sourceIp": "22.231.113.64",
"targetIp": "22.231.113.64",
"icmpCode": 0,
"icmpType": 8,
"portRangeStart": 8,
"portRangeEnd": 8,
"type": "INGRESS"
}{
"id": "15f67991-0f51-4efc-a8ad-ef1fb31a480c",
"type": "firewall-rule",
"href": "<RESOURCE-URI>",
"metadata": {
"etag": "45480eb3fbfc31f1d916c1eaa4abdcc3",
"createdDate": "2015-12-04T14:34:09.809Z",
"createdBy": "[email protected]",
"createdByUserId": "[email protected]",
"lastModifiedDate": "2015-12-04T14:34:09.809Z",
"lastModifiedBy": "[email protected]",
"lastModifiedByUserId": "63cef532-26fe-4a64-a4e0-de7c8a506c90",
"state": "AVAILABLE"
},
"properties": {
"name": "My resource",
"protocol": "TCP",
"sourceMac": "00:0a:95:9d:68:16",
"ipVersion": "IPv4",
"sourceIp": "22.231.113.64",
"targetIp": "22.231.113.64",
"icmpCode": 0,
"icmpType": 8,
"portRangeStart": 8,
"portRangeEnd": 8,
"type": "INGRESS"
}
}Was this helpful?